Method and system for compliance testing in a cloud storage environment
The invention provides automated test suite for compliance testing of cloud storage server to a Cloud Data Management Interface (CDMI) by performing functional testing of CRUD (Create, Read, Update, and Delete) operations. It offers a solution containing test scripts for validating the response from CRUD operations performed on CDMI objects and checks for the cloud storage to be CDMI compliant.
Latest Tata Consultancy Services Limited Patents:
- TOPOLOGICALLY MODULATED REFLECTING INTELLIGENT SURFACES AND METHOD TO ENABLE SECTORAL AREA COVERAGE UNDER NETWORK APPLICATIONS
- EARLY RISK ASSESSMENT OF PRETERM DELIVERY IN A SUBJECT
- METHODS AND SYSTEMS FOR PREDICTING A CATEGORY OF MAMMOGRAPHIC BREAST DENSITY FOR A SUBJECT
- METHOD AND SYSTEM FOR MULTI-OBJECT TRACKING AND NAVIGATION WITHOUT PRE-SEQUENCING
- Method and system for privacy preserving classification of websites URL
The invention relates to the field of software testing, and more particularly to compliance testing within a cloud computing network.
BACKGROUNDCloud storage nowadays has become one of the convenient ways of data storage and data sharing. There are various vendors that offer cloud storage services like web hosting besides providing scalable infrastructure for better performance. Amazon's cloud services include Simple Storage Service (Amazon S3), the Amazon cloud drive. Similarly Microsoft has its own cloud storage services like Sky Drive, Windows Azure and similar such services.
However there are a few major challenges faced by end customers in existing cloud storage services. One of the major challenges is that there is no way for a cloud storage service provider to directly migrate customer data to another cloud storage service provider. If a service goes down, the hosting company must return the data to its customer, who then must find another provider or revert back to storing it locally. This is because the API's are specific for each vendor. Moreover there are no rules and regulations for data deletion. Further the financial aspects related to each of the cloud storage offered to end-customers are different for each vendor.
In the state of art there have been attempts to check performance and conformance testing while deploying solutions on the cloud storage. One of the prior art discloses about the SNIA standards and illustrates on how “capabilities” gets implemented. However there have been rare attempts for compliance testing as proposed in the invention.
For resolving these challenges, Storage Network Industry Association (SNIA) has come up with cloud standard APIs known as Cloud Data Management Interface (CDMI) which helps client in moving data from one cloud vendor to another cloud vendor without the pain of recoding to different interfaces. With this standard way of billing and using CDMI, a customer can compare capabilities of different Cloud storage's vendors. SNIA has a technical working group (TWG) for developing these standards.
CDMI needs to be implemented by the cloud vendors as a separate module for enabling the invention as described in the detailed description. However there is no such existing technology that assists a CDMI enabled cloud vendor to perform compliance testing of CDMI module implemented by the storage server. Thus a need for developing an automated test suite for CDMI specification exists.
Enterprises using API-based vendor proprietary cloud storage solutions face a challenge of vendor lock-in owing to diverse and vendor-specific solutions. It is therefore imperative to adopt industry-standard-interface CDMI-based solutions, which facilitate interoperability between cloud storage solutions through vendor neutrality. Since, CDMI-based specifications offer multiple Cloud storage use cases such as Cloud-to-Cloud migration, and also provide a functional application interface to create, retrieve, update, and delete data elements from the Cloud, it is worthwhile to introduce a solution that for which the CDMI specification forms a base and depending upon it compliance testing of data within a cloud computing environment is performed.
In the light of the above mentioned challenges a need is exists for a comprehensive solution that perform the compliance testing of CDMI module implemented by the Storage Server.
OBJECTIVES OR THE INVENTIONThe principle objective of the invention is to provide a solution for compliance testing of CDMI (Cloud Data Management Interface) module as implemented by the storage server.
One other objective of the invention is to test the degree to which the Cloud Storage Server is CDMI compliant.
Yet another objective of the present invention is to provide automated test suite for CDMI specification.
Another objective of the invention is to verify the functionality check in case of any discrepancy observed.
SUMMARY OF THE INVENTIONThe invention helps to perform automated compliance testing in a cloud computing environment by way of providing automated test suites for CDMI specification. The invention works in accordance with the CDMI standards established as per SNIA.
In one aspect, the present invention provides a method of compliance testing system in a cloud storage environment wherein the method steps comprised of following steps:
retrieving a definition information asserting competency of plurality of cloud providers by performing a capability check and setting a http request message to a server using authentication parameters; identifying plurality of requisite test cases within a test script, including optionally created data objects from the data files, conforming to said competency for execution; executing the http request on the identified test script; verifying http status code and response parameters upon receiving an output response from the server; and validating if a requested functionality is executable on the server.
In another aspect a system of compliance testing system in a cloud storage environment is provided, the system comprising: a capability detecting module configured for retrieving a definition information asserting competency of plurality of cloud providers by performing a capability check and setting a http request message to a server using authentication parameters; an execution module for identifying plurality of requisite test cases within a test script, and executing an http request thereon; and a verification module configured to verify http status code and response parameters upon receiving an output response from the server; and validating if a requested functionality is executable on the server.
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used as an aid in determining the scope of the claimed subject matter.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the invention. These and other features of the present invention will become more fully apparent from the following description, or may be learned by the practice of the invention as set forth hereinafter.
The foregoing summary, as well as the following detailed description of preferred embodiments, is better understood when read in conjunction with the appended drawings. For the purpose of illustrating the invention, there is shown in the drawings example constructions of the invention; however, the invention is not limited to the specific system and method disclosed in the drawings:
Some embodiments of this invention, illustrating all its features, will now be discussed in detail. The words “comprising,” “having,” “containing,” and “including,” and other forms thereof, are intended to be equivalent in meaning and be open ended in that an item or items following any one of these words is not meant to be an exhaustive listing of such item or items, or meant to be limited to only the listed item or items.
It must also be noted that as used herein and in the appended claims, the singular forms “a,” “an,” and “the” include plural references unless the context clearly dictates otherwise.
Although any systems and methods similar or equivalent to those described herein can be used in the practice or testing of embodiments of the present invention, the preferred, systems and methods are now described.
The invention provides a system and method of compliance testing for CDMI/Non CDMI objects and tests the degree to which cloud storage server is CDMI compliant by performing protocol and functional testing of CRUD (Create, Read, Update, and Delete) operation on five CDMI/Non CDMI objects namely:
- 1. Capability Object
- 2. Container Object
- 3. Data Object
- 4. Queue Object
- 5. Domain Object
There are following scenarios which are tested based on supported capabilities—
- Create container
- Read Container
- Update Container
- Delete Container
- Create data object using POST
- Create queue object using POST
- Create data object
- Read Data Object
- Update data object
- Delete Data Object
- Read Capability Object
- Create Queue Object
- Read Queue Object
- Update Queue Object
- Delete Queue Object
- Create Domain Object
- Read Domain Object
- Update Domain Object
- Delete Domain Object
For each of the above mentioned scenario multiple test cases are designed. Following are some scenarios that illustrate the creation of test cases for the above scenarios.
Scenario—Create Container
Example #1 To Create Successful ContainerIf server supports cdmi_create_container capability
Steps—
- 1. Set valid login credentials
- 2. Execute PUT request for container by specifying container name as “TestContainer1” using URI
- Get <root URI>/TestContainer1/.
- 3. Check for correct Http status code returned.
- 4. Verify that all mandatory fields for the “Testcontainer1” are returned in the response body.
- 5. Verify if container has been created successfully by executing GET request for “TestContainer1” Using URI—
- GET<root URI>/TestContainer1/
- 6. Cleanup
If server supports cdmi_create_container capability
Steps—
- 1. Set invalid login credentials
- 2. Execute PUT request for container by specifying container name as “TestContainer1” using URI
- Get <root URI>/TestContainer1/.
- 3. Check for correct Http status code returned.
- 4. Cleanup
- If server supports cdmi_create_container capability
Steps—
- 1. Set valid login credentials
- 2. Execute PUT request for container by specifying container name as “TestContainer1” using URI
- Get <root URI>/TestContainer1/.
- 3. Check for correct Http status code returned.
- 4. Verify that all mandatory fields for the “Testcontainer1” are returned in the response body.
- 5. Verify if container has been created successfully by executing GET request for “TestContainer1” Using URI—
- GET<root URI>/TestContainer1/Cleanup
If server supports cdmi_create_container and cdmi_copy_container capability
Steps—
- 1. Set valid login credentials
- 2. Execute PUT request for container by specifying container name as “TestContainer1” using URI
- Put <root URI>/TestContainer1/
- 3. Set request message body by specifying ‘copy’ field with the URI of existing container i.e. “TestContainer1” to be copied for below request
- 4. Execute PUT request for container by specifying container name as “TestContainer2” using URI
- Put <root URI>/TestContainer2/
- 5. Check for correct Http status code returned
- 6. Verify that all mandatory fields for the “Testcontainer2” are returned in the response body
- 7. Verify if container has been created successfully by executing GET request for “TestContainer2” Using URI—
- GET<root URI>/TestContainer2/
- 8. cleanup
Scenario—Create Data Object
To create a data object when more than one field (optional) are specified together.
If server supports cdmi_create_data object
Steps—
- 1. Set valid login credentials
- 2. Execute PUT request for container by specifying container name as “TestContainer1” using URI
- Put <root URI>/TestContainer1/
- 3. Set more than one fields in request message body for the PUT request for creating data object. Set the fields using Data files
- 4. Execute the PUT request for data object by specifying data object name (“do1”) and its parent directory as container name using URI—
- <PUT <root URI>/TestContainer1/do1
- 5. Check for correct Http status code returned
- 6. cleanup
Scenario—Update Queue Object
To Update Queue Object with valid fields in request message body.
If server supports cdmi_queues capability
Steps—
- 1. Set valid login credentials
- 2. Execute PUT request for container by specifying container name as “TestContainer1” using URI
- Put <root URI>/TestContainer1/
- 3. Execute PUT request for Queue object by specifying queue name as “qo1” using URI
- Put <root URI>/TestContainer1/qo1
- 4. Set valid fields in request message body for the below PUT request using data file
- 5. Execute the PUT request to update queue object using URI—
- PUT <root URI>/TestContainer1/qo1
- 6. Check for correct Http status code returned.
- 7. cleanup
Scenario—Delete Domain Object
To delete a domain object with unauthenticated credentials.
If server supports cdmi_domains and cdmi_delete_domain capabilities
Steps—
- 1. Execute PUT request for domain object by specifying domain name as “TestDomain1” with parent directory as “cdmi_domains” using URI
- Put <root URI>/cdmi_domains/TestDomain1/
- 2. Set unauthenticated credentials in DELETE request.
- 3. Execute DELETE request for domain object using URI:
- DELETE <root URI>/cdmi_domains/TestDomain1/
- 4. Check for correct Http status code returned
- 5. Cleanup
The invention tests operations for both TLS (Transport Layer Security) and Non-TLS server on CDMI/Non CDMI objects. The process of compliance testing for CDMI and Non CDMI objects involves certain fixed steps. Initially a capability check is performed. If capability is supported by cloud storage provider then proceeds to next step. Next step involves authentication of the request (request can be CRUD), which when found authenticated transmits the Http request. After receiving the request, the server sends a response, wherein the response comprises of various response parameters that later gets subjected to a verification process. The response from the server broadly comprises of:
- 1. Http status code
- 2. Response Header
- (e.g. Content-type, X-cdmi-specification version etc)
- 3. Response Message body—
Attributes of the cdmi object e.g. ObjectName, ObjectID, parentName, parentURI etc.
This response goes through a verification check to determine whether there is discrepancy in response or if any mandatory parameter's value is null or incorrect. If the response is OK, there is a check that whether the requested functionality is actually executed on the server or not. Lastly to terminate the operation cleanup is done.
Now referring to
The invention involves two types of test cases in the test suite viz. Parameterized/Non Parameterized. Primarily the basic difference in executing the Parameterized and Non Parameterized test cases is that while the former requires use of data files, latter does not; rest all other steps of execution remaining the same. In one embodiments of the invention parameterized test cases are generated in the test suite. Before starting execution of test cases, initially all the capabilities supported by cloud vendor is fetched for whom testing for CDMI compliance needs to be performed.
The following steps are followed within each test case:
- 1. Capability check: If capability(s) corresponding to the test scenario, is supported by cloud storage provider then move to next step else the test case is not executed. This is implemented by using advanced use of JUnit so that only cloud vendor's capability based test cases are executed.
- 2. Create the prerequisite objects if required in a test scenario. For Instance—for scenario “Successful creation of data object” creation of container is prerequisite.
- 3. Set valid login credentials.
- 4. Steps 1 to 6 are executed until all fields of data file are read for having multiple set of input parameters. Hence multiple test cases are built for one scenario.
- 1. Fetch values from the data file and set in an input request.
- 2. Set Request Header.
- 3. Execute Http request.
- 4. Check for correct Http status code returned.
- 5. The response goes through a verification check whether there is discrepancy in response or if any mandatory parameter's value is incorrect or null.
- 6. If the response is OK, there is a check that whether the requested functionality is actually executed on the server or not.
- 7. Finally cleanup is executed.
In another embodiment of the invention non parameterized test cases are generated.
The following steps are followed within each Non Parameterized test case:
- 1. Capability check: If capability(s) corresponding to the test scenario is supported by cloud storage provider then move to next step else that test case is not executed. For this has been implemented using JUnit so that only cloud vendor's capability based test cases are executed.
- 2. Create the prerequisite objects if required in a test scenario. For Instance—for scenario “Successful creation of data object” creation of container is prerequisite.
- 3. Set valid login credentials.
- 4. Set required parameters in input request header/message body.
- 5. Execute Http request.
- 6. Check for correct Http status code returned.
- 7. The response goes through a verification check whether there is discrepancy in response or if any mandatory parameter's value is incorrect or null.
- 8. If the response is OK, there is a check that whether the requested functionality is actually executed on the server or not.
- 9. Finally cleanup is executed.
Referring to
Initially an input request is sent. The CDMI client sends http GET/PUT/POST/DELETE input request for the CDMI Object to CDMI server. In response to the input request the Server returns http response which has response header, http status code and http response body with mandatory parameters and optional parameters of the CDMI object, called as the output response. In the next step verification of the status code and the response body is performed where determination of successful execution of sent request made.
Referring to the system as shown in
- 1. Http status code
- 2, Response Header
- (e.g. Content-type, X-cdmi-specification version etc)
- 3. Response Message body—
- Attributes of the cdmi object e.g. ObjectName, ObjectID, parentName, parentURI etc.
This response goes through a verification check in the verification module to determine whether there is discrepancy in response or if any mandatory parameter's value is null or incorrect. If the response is OK, there is a check that whether the requested functionality is actually executed on the server or not. The verification module communicates with the library which has APIs for performing create, read, update, and delete operations on CDMI objects. There are other functions also like—function for response validation and so on. Lastly to terminate the operation cleanup is done.
Advantages of the Present Invention:
- 1. The automated test suite provides Compliance testing for conformity to SNIA CDMI Specification for different Cloud Storage use cases.
- 2. The same steps can be used for testing proprietary APIs of any cloud storage providers.
- 3. The data files concept helps in executing multiple test cases using only one script. Hence helps in executing multiple scenarios and giving higher coverage of testing.
- 4. However, only those test cases will be executed for which capability is supported by CDMI Cloud Storage providers.
The preceding detailed descriptions are presented in terms of algorithms and symbolic representations of operations on data bits within a computer memory. These algorithmic descriptions and representations are the tools used by those skilled in the data processing arts to most effectively convey the substance of their work to others skilled in the art. An algorithm is here, and generally, conceived to be a self-consistent sequence of operations leading to a desired result. The operations are those requiring physical manipulations of physical quantities.
It should be kept in mind, however, that all of these and similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities. Unless specifically stated otherwise as apparent from the above discussion, it is appreciated that throughout the description, discussions utilizing terms such as “processing” or “computing” or “executing” or “verifying” or “validating” or the like, refer to the action and processes of a computer system, or similar electronic computing device having a processor and a non-transitory memory, among other components, that manipulates and transforms data represented as physical (electronic) quantities within the computer system's registers and memories into other data similarly represented as physical quantities within the computer system memories or registers or other such information storage or transmission.
Working ExampleThe present invention also relates to an apparatus for performing the operations described herein. This apparatus may be specially constructed for the required purpose, or it may comprise a general-purpose computer selectively activated or reconfigured by a computer program stored in the computer. Such a computer program may be stored in a computer readable storage medium, such as, but is not limited to, any type of disk including floppy disks, optical disks, CD-ROMs, and magnetic-optical disks, read-only memories (ROMs), RAMs, EPROMs, EEPROMs, magnetic or optical cards, or any type of media suitable for storing electronic instructions, and each coupled to a computer system bus.
The process presented herein in the working example is not inherently related to any particular computer or other apparatus, but for enabling the working of invention by a person skilled in the art. Various general-purpose systems may be used with programs in accordance with the teachings herein, or it may prove convenient to construct a more specialized apparatus to perform the operations described.
Scenario: Create Container
ExampleTo create container successfully with different valid names.
- 1. Check If server supports “cdmi_create_container” capability. If it is supported then follow steps from 2 onwards, else test case is not executed.
- 2. Set valid login credentials
- 3. Fetch valid container names from data file.
- 4. Execute PUT request for container by specifying container name fetched from data file, using URI
- Put <root URI>/<container name>/.
- 5. Check for correct Http status code returned.
- 6. Verify that all mandatory fields for the container are returned in the response body and are not null and have correct values.
- 7. Execute GET request for container to check if it is created successfully, using URI
- Get <root URI>/<container name>/.
- 8. Check for correct Http status code returned.
- 9. Cleanup for container created.
Steps 3 to 9 are executed until all fields from data file are fetched.
In the foregoing specification, the invention has been described with reference to specific exemplary embodiments thereof. It will be evident that various modifications may be made thereto without departing from the broader spirit and scope of the invention as set forth in the following claims. The specification and drawings are, accordingly, to be regarded in an illustrative sense rather than a restrictive sense.
Claims
1. A method of compliance testing system in a cloud storage environment, the method comprising:
- Retrieving, by a processor, a definition information asserting competency of a plurality of cloud providers by performing a capability check and setting a http request message to a server using authentication parameters, wherein the http request message refers to GET/PUT/POST/DELETE requests, wherein the GET/PUT/POST/DELETE requests are sent for CDMI objects on the server for performing a functionality and setting a request header for an operation, and wherein the authentication parameters include login credentials;
- identifying, by the processor, a plurality of requisite test cases within a test script, including optionally created data objects from the data files, conforming to said competency for execution;
- executing, by the processor, the http request message on the identified test script;
- verifying, by the processor, a http status code and response parameters upon receiving an output response from the server; and
- validating, by the processor, if a requested functionality is executable on the server.
2. The method of claim 1, wherein the capability check asserts if at least one of the plurality of cloud storage providers has a capability conforming to at least one of the plurality of requisite test cases.
3. The method of claim 1, wherein at least one verification of response parameters involves verifying whether there is discrepancy in the server response or if any mandatory parameter's value is incorrect or null.
4. The method of claim 1, wherein the output response returns a http response which has a response header, the http status code and a http response body.
5. The method of claim 4, wherein the response header contains mandatory response parameters comprising content type and X-CDMI-specification version.
6. The method of claim 4, wherein the response body contains response parameters comprising at least one attribute of CDMI objects, wherein the at least one attribute of CDMI objects further comprises at least one of object name, object ID, parent name, and parent URL.
7. The method of claim 1, wherein the requested functionality is one of a read operation, a creates operation, an update operation, and a delete operation.
8. A system of compliance testing system in a cloud storage environment, the system comprising:
- a processor; and
- a non-transitory memory coupled to the processor, wherein the processor executes modules stored in the non-transitory memory, wherein the modules comprises: a capability detecting module configured for retrieving definition information asserting competency of a plurality of cloud providers by performing a capability check and setting a http request message to a server using authentication parameters, wherein the http request message refers to GET/PUT/POST/DELETE requests, wherein the GET/PUT/POST/DELETE requests are sent for CDMI objects on the server for performing a functionality and setting a request header for an operation, and wherein the authentication parameters include login credentials; an execution module for identifying a plurality of requisite test cases within a test script, and executing an http request thereon; and a verification module configured to verify http status code and response parameters upon receiving an output response from the server, and validating if a requested functionality is executable on the server.
9. The system of claim 8, wherein the capability detecting module asserts if at least one of the plurality of cloud storage providers has capability conforming to at least one of the plurality of requisite test cases.
10. The system of claim 8, wherein the verification module verifies whether there is discrepancy in a server response or if any mandatory parameter's value is incorrect or null.
11. The system of claim 8, wherein the output response returns http response which has a response header, the http status code and a http response body with mandatory parameters and optional parameters of the CDMI object.
12. The system of claim 8, wherein the functionality is at least one of a read operation, a creates operation, an update operation and a delete operation.
7680927 | March 16, 2010 | McMullen et al. |
20090300423 | December 3, 2009 | Ferris |
20100198960 | August 5, 2010 | Kirschnick et al. |
20100319004 | December 16, 2010 | Hudson et al. |
20110010691 | January 13, 2011 | Lu et al. |
20110131315 | June 2, 2011 | Ferris et al. |
20110289440 | November 24, 2011 | Carter et al. |
20120072985 | March 22, 2012 | Davne et al. |
20120221522 | August 30, 2012 | Allman et al. |
20120296977 | November 22, 2012 | Ellison et al. |
20120303776 | November 29, 2012 | Ferris |
20120324069 | December 20, 2012 | Nori et al. |
20130097306 | April 18, 2013 | Dhunay |
20130111027 | May 2, 2013 | Milojicic et al. |
20130174168 | July 4, 2013 | Abuelsaad et al. |
20130191726 | July 25, 2013 | Park et al. |
20130204849 | August 8, 2013 | Chacko |
20130268913 | October 10, 2013 | Anderson et al. |
20140164315 | June 12, 2014 | Golshan |
20140282456 | September 18, 2014 | Drost et al. |
20140282518 | September 18, 2014 | Banerjee |
20140351796 | November 27, 2014 | Gur-esh et al. |
20140359128 | December 4, 2014 | Bhattacharya et al. |
20150067761 | March 5, 2015 | Bade et al. |
- SNIA , “Cloud Data Management Interface (CDMI™) Version 1.0.2”, SNIA Technical Position, Jun. 4, 2012.
- Tata Consultancy Services Limited, “Cloud Data Management Interface' Automated Test Suite (CATS)”, 2012, High Tech Brochure, India.
- Tata Consultancy Services “TCS Develops CDMI Automated Test Suite to Support Cloud Storage Interoperability” , Nov. 7, 2011, Mumbai, India.
- David Slik,NetApp,Inc, “CDMI conformance and performance testing” , 2011.
- INFOSYS, “Cloud Migration Testing Approach”, Jun. 6, 2012.
- Nelson Hall, “IT Outsourcing Vendor Profile of: Infosys—Software Testing”, Mar. 2012.
- Swati Ranganathan, “Phases of Data migration: Test”.
- HEXAWARE Technologies “Data Migration”.
Type: Grant
Filed: Aug 29, 2013
Date of Patent: Aug 25, 2015
Patent Publication Number: 20140068340
Assignee: Tata Consultancy Services Limited (Mumbai, Maharashtra)
Inventors: Reena Dayal (Lucknow), Nishi Gupta (Lucknow), Hansi Agarwal (Lucknow)
Primary Examiner: Kamini Patel
Application Number: 14/013,165
International Classification: G06F 11/00 (20060101); G06F 11/36 (20060101);